- 06 Feb 2013, 2 commits
Authored by Andy Polyakov
Kludge alert. This is arranged by passing padding length in unused bits of SSL3_RECORD->type, so that orig_len can be reconstructed. (cherry picked from commit 8bfd4c659f180a6ce34f21c0e62956b362067fba)
Authored by Ben Laurie
This patch makes the decoding of SSLv3 and TLS CBC records constant time. Without this, a timing side-channel can be used to build a padding oracle and mount Vaudenay's attack. This patch also disables the stitched AESNI+SHA mode pending a similar fix to that code. In order to be easy to backport, this change is implemented in ssl/, rather than as a generic AEAD mode. In the future this should be changed around so that HMAC isn't in ssl/, but crypto/ as FIPS expects. (cherry picked from commit e130841bccfc0bb9da254dc84e23bc6a1c78a64e)
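The side channel the commit above closes, shown as an added example (not part of the original page and not OpenSSL's own code): a naive CBC padding check that exits on the first bad byte beside a constant-time one that inspects every byte that could be padding and folds the result into a mask. The 20-byte MAC length, the all-zero dummy MAC, the record builder and the `touched` counter are assumptions made for the demo; the mask helpers follow the style of OpenSSL's constant_time_* macros.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Illustration only, not OpenSSL code. A decrypted TLS 1.x CBC record ends in
 * a padding-length byte p preceded by p bytes that must all equal p; with
 * MAC-then-encrypt the MAC sits just before the padding. */

#define MAC_LEN 20   /* HMAC-SHA1 tag length, assumed for the demo */
#define MAX_PAD 255  /* largest value the padding-length byte can take */

/* Build a "decrypted" record: plaintext || dummy zero MAC || pad bytes || pad
 * length. Constructed sample input; returns the record length or 0 if it
 * does not fit. */
size_t build_record(uint8_t *out, size_t cap, const uint8_t *pt, size_t ptlen, uint8_t pad)
{
    size_t len = ptlen + MAC_LEN + (size_t)pad + 1;
    if (len > cap) return 0;
    memcpy(out, pt, ptlen);
    memset(out + ptlen, 0, MAC_LEN);
    memset(out + ptlen + MAC_LEN, pad, (size_t)pad + 1);
    return len;
}

/* Naive check: returns as soon as a bad byte is seen, so the amount of work
 * (and whether a MAC is computed afterwards) depends on attacker-chosen
 * bytes. That timing difference is the padding oracle. */
int naive_padding_ok(const uint8_t *rec, size_t len, size_t *ptlen, unsigned *touched)
{
    *touched = 0;
    if (len < MAC_LEN + 1) return 0;
    uint8_t pad = rec[len - 1];
    if ((size_t)pad + 1 + MAC_LEN > len) return 0;
    for (size_t i = 0; i < pad; i++) {
        (*touched)++;
        if (rec[len - 2 - i] != pad) return 0;   /* early exit: timing leak */
    }
    *ptlen = len - pad - 1 - MAC_LEN;
    return 1;
}

/* Branch-free mask helpers: all-ones when the relation holds, else zero. */
static uint32_t ct_msb(uint32_t a)            { return 0u - (a >> 31); }
static uint32_t ct_lt(uint32_t a, uint32_t b) { return ct_msb(a ^ ((a ^ b) | ((a - b) ^ b))); }
static uint32_t ct_ge(uint32_t a, uint32_t b) { return ~ct_lt(a, b); }
static uint32_t ct_eq(uint32_t a, uint32_t b) { return ~(ct_lt(a, b) | ct_lt(b, a)); }

/* Constant-time check: the scan length depends only on the public record
 * length, every candidate byte is read, and no branch depends on contents. */
int ct_padding_ok(const uint8_t *rec, size_t len, size_t *ptlen, unsigned *touched)
{
    *touched = 0;
    if (len < MAC_LEN + 1) return 0;                          /* public length */
    uint32_t pad  = rec[len - 1];
    uint32_t good = ct_ge((uint32_t)len, pad + 1 + MAC_LEN);  /* pad fits? */
    uint32_t span = (len - 1 < MAX_PAD) ? (uint32_t)(len - 1) : MAX_PAD;
    for (uint32_t i = 0; i < span; i++) {
        (*touched)++;
        uint32_t in_pad = ct_lt(i, pad);                 /* byte inside padding? */
        uint32_t match  = ct_eq(rec[len - 2 - i], pad);
        good &= ~in_pad | match;                         /* outside padding: don't care */
    }
    /* Select the length without branching; on failure report 0 so a caller
     * can still run the MAC over a data-independent length before rejecting. */
    *ptlen = (size_t)(good & (uint32_t)(len - pad - 1 - MAC_LEN));
    return (int)(good & 1);
}

int main(void)
{
    uint8_t rec[64];
    size_t ptlen;
    unsigned touched;
    size_t len = build_record(rec, sizeof rec, (const uint8_t *)"hello", 5, 6);
    int ok = naive_padding_ok(rec, len, &ptlen, &touched);
    printf("good record: naive ok=%d bytes touched=%u\n", ok, touched);
    ok = ct_padding_ok(rec, len, &ptlen, &touched);
    printf("good record: ct    ok=%d bytes touched=%u\n", ok, touched);
    rec[len - 2] = 0x07;                                      /* corrupt first pad byte */
    ok = naive_padding_ok(rec, len, &ptlen, &touched);
    printf("bad record:  naive ok=%d bytes touched=%u\n", ok, touched);
    ok = ct_padding_ok(rec, len, &ptlen, &touched);
    printf("bad record:  ct    ok=%d bytes touched=%u\n", ok, touched);
    return 0;
}
```

The naive version touches 6 bytes on a valid record and 1 byte once the first padding byte is corrupted; the constant-time version touches 31 bytes in both cases, because only the record length, which the attacker can see anyway, decides how much work is done.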
- 08 Dec 2012, 1 commit
Authored by Dr. Stephen Henson
- 29 Aug 2012, 1 commit
Authored by Dr. Stephen Henson
all derived keys to the message callback. Add code to SSL_trace to include support for printing out keys.
- 04 Jun 2012, 1 commit
Authored by Ben Laurie
- 30 May 2012, 1 commit
Authored by Ben Laurie
- 22 Feb 2012, 1 commit
Authored by Dr. Stephen Henson
Move new structure fields to end of structures.
- 09 Feb 2012, 2 commits
Authored by Dr. Stephen Henson
Authored by Dr. Stephen Henson
some servers.
- 05 Jan 2012, 1 commit
Authored by Dr. Stephen Henson
- 04 Jan 2012, 2 commits
Authored by Dr. Stephen Henson
Authored by Dr. Stephen Henson
- 01 Jan 2012, 1 commit
Authored by Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Support for TLS/DTLS heartbeats.
- 25 Dec 2011, 1 commit
Authored by Dr. Stephen Henson
Submitted by: Robin Seggelmann <seggelmann@fh-muenster.de>
Reviewed by: steve
Add SCTP support for DTLS (RFC 6083).
- 25 Nov 2011, 1 commit
Authored by Dr. Stephen Henson
Submitted by: Peter Sylvester <peter.sylvester@edelweb.fr>
Reviewed by: steve
Make SRP conformant to RFC 5054. Changes are:
- removal of the additional state after client hello
- removal of all pre-RFC SRP alert ids
- sending a fatal alert when there is no SRP extension but the server wants SRP
- removal of unnecessary code in the client.
- 20 May 2011, 1 commit
Authored by Dr. Stephen Henson
Submitted by: Alexei Khlebnikov <alexei.khlebnikov@opera.com>
Reviewed by: steve
OOM checking. Leak in OOM fix. Fall-through comment. Duplicate code elimination.
- 30 Apr 2011, 2 commits
Authored by Dr. Stephen Henson
checking added, SHA256 PRF support added. At present only RSA key exchange ciphersuites work with TLS v1.2 as the new signature format is not yet implemented.
Authored by Dr. Stephen Henson
OPENSSL_NO_SSL_INTERN all ssl related structures are opaque and internals cannot be directly accessed. Many applications will need some modification to support this and most likely some additional functions added to OpenSSL. The advantage of this option is that any application supporting it will still be binary compatible if SSL structures change.
- 13 Mar 2011, 1 commit
Authored by Ben Laurie
- 06 Sep 2010, 1 commit
Authored by Ben Laurie
- 28 Jul 2010, 1 commit
Authored by Ben Laurie
- 21 Jan 2010, 2 commits
Authored by Dr. Stephen Henson
Authored by Dr. Stephen Henson
- 07 Jan 2010, 1 commit
Authored by Dr. Stephen Henson
1. Add provisional SCSV value.
2. Don't send SCSV and RI at the same time.
3. Fatal error if SCSV received when renegotiating.
- 28 Dec 2009, 1 commit
Authored by Dr. Stephen Henson
MCSV is now called SCSV. Don't send SCSV if renegotiating. Also note if RI is empty in debug messages.
- 17 Dec 2009, 1 commit
Authored by Dr. Stephen Henson
- 08 Dec 2009, 1 commit
Authored by Dr. Stephen Henson
work in SSLv3: initial handshake has no extensions but includes MCSV, if server indicates RI support then renegotiation handshakes include RI. NB: current MCSV value is bogus for testing only, will be updated when we have an official value. Change mismatch alerts to handshake_failure as required by spec. Also have some debugging fprintfs so we can clearly see what is going on if OPENSSL_RI_DEBUG is set.
- 10 Nov 2009, 1 commit
Authored by Dr. Stephen Henson
- 17 Jun 2009, 1 commit
Authored by Dr. Stephen Henson
Reviewed by: steve@openssl.org
Various GOST ciphersuite and ENGINE fixes. Including... Allow EVP_PKEY_set_derive_peerkey() in encryption operations. New flag when certificate verify should be omitted in client key exchange.
- 29 May 2009, 1 commit
Authored by Dr. Stephen Henson
- 12 Oct 2008, 1 commit
Authored by Ben Laurie
- 27 Sep 2007, 1 commit
Authored by Dr. Stephen Henson
- 23 Sep 2007, 1 commit
Authored by Dr. Stephen Henson
- 21 Sep 2007, 1 commit
Authored by Bodo Möller
(draft-rescorla-tls-opaque-prf-input-00.txt), and do some cleanups and bugfixes on the way. In particular, this fixes the buffer bounds checks in ssl_add_clienthello_tlsext() and in ssl_add_serverhello_tlsext(). Note that the opaque PRF Input TLS extension is not compiled by default; see CHANGES.
- 31 Aug 2007, 1 commit
Authored by Dr. Stephen Henson
Submitted by: Victor B. Wagner <vitus@cryptocom.ru>
- 12 Aug 2007, 1 commit
Authored by Dr. Stephen Henson
for OpenSSL.
- 05 Jun 2007, 1 commit
Authored by Dr. Stephen Henson
- 20 Oct 2006, 1 commit
Authored by Andy Polyakov
- 15 Jun 2006, 1 commit
Authored by Bodo Möller
- 19 Dec 2005, 1 commit
Authored by Andy Polyakov
from .h files...